Enable forgejo ssh server

modules/system/services/forgejo/ssh.nix

@@ -0,0 +1,18 @@
+{ config, lib, ... }:
+{
+  options.custom.services.forgejo.ssh.enable = lib.mkEnableOption "";
+
+  config = lib.mkIf config.custom.services.forgejo.ssh.enable {
+    services.openssh = {
+      enable = true;
+      settings = {
+        PasswordAuthentication = false;
+        KbdInteractiveAuthentication = false;
+        PermitRootLogin = "no";
+        AllowUsers = [ config.users.users.forgejo.name ];
+        # https://forgejo.org/docs/latest/admin/recommendations/#git-over-ssh
+        AcceptEnv = "GIT_PROTOCOL";
+      };
+    };
+  };
+}